@stacksjs/tlsx/dist/certificate/native-crypto.d.ts

A TLS/HTTPS library with automation.

import crypto from 'node:crypto';
/**
 * Generate a random serial number
 */
export declare function generateSerialNumber(): Buffer;
/**
 * Generate an RSA key pair
 */
export declare function generateKeyPair(keySize?: any): { privateKey: crypto.KeyObject, publicKey: crypto.KeyObject };
/**
 * Calculate Subject Key Identifier (SHA-1 hash of public key)
 */
export declare function calculateSubjectKeyIdentifier(publicKey: crypto.KeyObject): Buffer;
/**
 * Create a certificate
 */
export declare function createCertificate(options: CreateCertificateOptions): { certificate: string, certificateDer: Buffer };
/**
 * Export private key to PEM
 */
export declare function privateKeyToPem(privateKey: crypto.KeyObject): string;
/**
 * Import private key from PEM
 */
export declare function privateKeyFromPem(pem: string): crypto.KeyObject;
/**
 * Import certificate from PEM and extract public key
 */
export declare function certificateFromPem(pem: string): { publicKey: crypto.KeyObject, subject: Array<{ shortName: string, value: string }> };
/**
 * Make a hex string positive (ensure no leading 00 issues)
 */
export declare function makeSerialPositive(serial: Buffer): string;
export declare interface SubjectAltNameEntry {
  type: number
  value?: string
  ip?: string
}
export declare interface CertificateParams {
  serialNumber: Buffer
  notBefore: Date
  notAfter: Date
  subject: Array<{ shortName: string, value: string }>
  issuer: Array<{ shortName: string, value: string }>
  publicKey: crypto.KeyObject
  extensions?: {
    basicConstraints?: { isCA: boolean, critical?: boolean, pathLenConstraint?: number }
    keyUsage?: { digitalSignature?: boolean, keyEncipherment?: boolean, keyCertSign?: boolean, cRLSign?: boolean, critical?: boolean }
    extendedKeyUsage?: { serverAuth?: boolean, clientAuth?: boolean }
    subjectAltName?: SubjectAltNameEntry[]
    subjectKeyIdentifier?: Buffer
  }
}
export declare interface CreateCertificateOptions {
  serialNumber?: Buffer
  notBefore: Date
  notAfter: Date
  subject: Array<{ shortName: string, value: string }>
  issuer?: Array<{ shortName: string, value: string }>
  publicKey: crypto.KeyObject
  signingKey: crypto.KeyObject
  isCA?: boolean
  pathLenConstraint?: number
  keyUsage?: { digitalSignature?: boolean, keyEncipherment?: boolean, keyCertSign?: boolean, cRLSign?: boolean }
  extendedKeyUsage?: { serverAuth?: boolean, clientAuth?: boolean }
  subjectAltName?: SubjectAltNameEntry[]
}